Security

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

Endpoint attributes on a web login

  • 1.  Endpoint attributes on a web login

    Posted Sep 13, 2016 02:57 PM

    Dear All,

    I would like to update the endpoint with the username of the user that was authenticated.

    I have ticked "Mark the user’s MAC address as a known endpoint" and I can see the relevant endpoint changing from "UnKnown" to "Known" in the Endpoint DB, so I know that the web login is picking up the correct MAC address and can connect to the endpoint DB correctly.

    I have then added:

    username | username

    in the "Customize attributes stored with the endpoint" in the hope of adding the username from the web login to the username attribute of the endpoint, but the attribute never appears...?

    As far as I can work out, the name of the field is username (have tried user as well) and I have tried combinations of capitals, but all to no avail.

    Am I missing something simple?

    Cheers,

    Jaggie



  • 2.  RE: Endpoint attributes on a web login

    EMPLOYEE
    Posted Sep 13, 2016 03:05 PM

    Create a new enforcement profile that updates the endpoint and add it to your web login enforcement policy.


    [Screenshot: authentication-username-update.PNG]



  • 3.  RE: Endpoint attributes on a web login

    Posted Sep 13, 2016 03:43 PM

    Hi Tim,

    That's what I thought I would do, but the enforcement policy never triggers on the endpoint. I expect this is because the service that the web login triggers is an "Application" and therefore the MAC address is given via URL parameters and therefore only appears in the Application:WebLoginURL:client_id variable and not as Connection:MACAddress or similar.

    Does that make sense?

    Cheers



  • 4.  RE: Endpoint attributes on a web login

    EMPLOYEE
    Posted Sep 13, 2016 03:47 PM

    What is this web login being used for? Is it a network device login or something else?


  • 5.  RE: Endpoint attributes on a web login

    Posted Sep 13, 2016 03:55 PM

    It is being used for onboarding.

    If a device connects (MAC-AUTH) and they are in the Endpoint DB (and Known and have a specific custom attribute set) then we will let them on and return the username to the controller from the endpoint attribute.

    If the device is not in the endpoint DB then assume that they are an unknown - get CP and they can decide if they are a guest (self registration or sponsor) or that they are an employee and are redirected to the weblogin in order to auth against an MS Active Directory in order to mark their endpoint as Known and assign the specific custom attributes that are needed.

    Does that make sense?

    Jaggie